CVE-2016-10257

Name of the Vulnerable Software and Affected Versions Symantec Advanced Secure Gateway (ASG) versions 6.6 through 6.7.2.1 Symantec ProxySG versions 6.5 through 6.5.10.6 Symantec ProxySG versions 6.6 through 6.7.2.1

Description The management console of the affected software is susceptible to a reflected XSS issue. A remote attacker can use a crafted management console URL in a phishing attack to inject arbitrary JavaScript code into the management console web client application.

Recommendations For Symantec Advanced Secure Gateway (ASG) versions 6.6 through 6.7.2.1, update to version 6.7.2.1 or later. For Symantec ProxySG versions 6.5 through 6.5.10.6, update to version 6.5.10.6 or later. For Symantec ProxySG versions 6.6 through 6.7.2.1, update to version 6.7.2.1 or later.